Bug 1558862
Summary: | [REF] The ASB should support private registry | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Jian Zhang <jiazha> |
Component: | Service Broker | Assignee: | Dylan Murray <dymurray> |
Status: | CLOSED ERRATA | QA Contact: | Jian Zhang <jiazha> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 3.9.0 | CC: | aos-bugs, chezhang, dmoessne, dymurray, jiazha, jmatthew |
Target Milestone: | --- | ||
Target Release: | 3.10.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | No Doc Update | |
Doc Text: |
undefined
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2018-07-30 19:10:48 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jian Zhang
2018-03-21 07:33:41 UTC
Jian, The main issue is that openshift registry implementation does not support the Catalog API in docker registry v2. Without this we are limited in the functionality we can obtain discovering APBs. There is a trello card on dev-exp to implement catalog api here: https://trello.com/c/AZINw5qI BZ is tracked here: https://bugzilla.redhat.com/show_bug.cgi?id=1509084 Assuming that catalog api is not available, we do have a workaround with current Broker code. We need to explicitly list the APB images we want the registry adapter to support in the config entry. Documentation is here showing how this works: https://github.com/openshift/ansible-service-broker/blob/master/docs/config.md#openshift-registry Please try the documentation out and see if this is sufficient for your immediate needs. If this works for you I would recommend we close this BZ. Jian, I can clear something up here. The `openshift` registry currently only connects to the ISV registry (registry.connect.redhat.com). I am working on a PR to fix https://bugzilla.redhat.com/show_bug.cgi?id=1558472 which I hope will also give improvements to this bug. I believe my PR should resolve both of these. Dylan, Thank you for your clarification! I also believe your PR can fix that `openshift` registry issue. But, I don't think it will work for this bug, because as you said, it only connects to the registry.connect.redhat.com. For this [REF] bug, our expectation is that the ASB should support the user's private registry, which is configurable. Not limit it to the registry.connect.redhat.com. Jian, Yes part of my PR is to remove the requirement on registry.connect.redhat.com. My PR will assume a generic openshift registry and retrieve the authentication redirect header to grab a bearer token. It will take the users configured URL and add /v2/ as a suffix to get the authentication header. I *hope* that this will work for any registry that supports the v2 docker registry API, including any users private registry. Dylan, That's good! Thanks! Dylan, Can we use a trello card to trace this new requirement? or use existing card https://trello.com/c/NaNlxsPo Zhang, Sounds good, I will track testing of this registry in that card. Thanks! https://github.com/automationbroker/bundle-lib/pull/66 https://github.com/automationbroker/bundle-lib/pull/67 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:1816 |